This Month in the Threat Webscape – March 2011

Major hits

March 17 of this year will be remembered very well for a long time – in fact, we should celebrate it as the BreachID Day from now on. RSA’s Executive Chairman Art Coviello wrote an open letter explaining a short background about the breach, which happened in their “kitchen” as an “extremely sophisticated cyber attack” that put their SecurID product at risk. Even though the breach probably did not disclose any very sensitive data, it pointed out just how fragile the security is.

Popular streaming service Spotify got compromised via third-party ads that served malicious content to all free users. Seems like free does come at a price after all.

Comodo, a cerificate vendor, informed us that nine bogus SSL certificates had been issued for several top Alexa domains. The certificates were revoked immediately. Well, once Comodo found out what had been going on. However, it happened again for two more and again and – in fact, who knows what else?

Are you using TripAdvisor when planning your holidays? You really should expect more spam in the future. The company announced a breach losing all members data. Fortunately, no credit card details – for this time at least.

…(read more)

Read More »